Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer
 
PerlMonks  

Extensible DBI front-end

by TheoPetersen (Priest)
on Jul 17, 2001 at 21:35 UTC ( #97374=perlquestion: print w/ replies, xml ) Need Help??
TheoPetersen has asked for the wisdom of the Perl Monks concerning the following question:

I haven't been a big fan of DBI front-ends in the past; I particularly don't care for the ones that try to make an abstract interface around SQL, since I always seem to run into something the interface doesn't handle. But I do appreciate centralized logging and debugging facilities and other such features.

Today I needed to add HTML screening to one of our sites, which uses a home-brewed wrapper around DBI for inserts and updates. That was fortunate, since I could go into the two methods and call escape_html on each value being passed to DBI's execute method. Neat and simple, but it got me wondering.

It seems like other sites and tools would benefit from having a front-end that prepares data before DBI writes it -- maybe you only want to screen some HTML tags, or check for naughty words or what ever. I went looking around for such a beast, but couldn't find one, nor could I see an easy way to put a hook for such into the DBI code (though I didn't look very hard).

I checked a few modules on CPAN that seemed likely contenders; DBIx::Abstract has most of the other features of our home-brew, and would be as easily modified to handle this, but doesn't have a quote/escape hook.

So, anyone know of a good module for doing this, an easy way to hook the code into DBI, or a better solution?

Comment on Extensible DBI front-end
Re: Extensible DBI front-end
by Masem (Monsignor) on Jul 17, 2001 at 22:13 UTC
    Possibly overlooked, but easily plugged in (though non-module) is the approach the the Everything engine does. You can find it in their code, the upshot being that besides the conversion of the typical HTML symbols to the &###; variety, it also limits what HTML tags you can accept in an HTML field (including none), as well as the ability to limit what attributes in those tags are accepted.

    Mind you, I yet to see of a good DBI frontend that does any other preparsing beyond that of meta-quoting.


    Dr. Michael K. Neylon - mneylon-pm@masemware.com || "You've left the lens cap of your mind on again, Pinky" - The Brain

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://97374]
Approved by root
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (6)
As of 2014-08-02 07:45 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Who would be the most fun to work for?















    Results (55 votes), past polls